![]() 00000002.0 0000001.sd mpīinary or memory string: OriginalFi lenameuser 32j% vs Xe nos64.exe 00000002.0 0020000.sd mpīinary or memory string: OriginalFi lenameXeno s.exe, vs Xenos64.ex e Sample file is different than original file name gathered from version infoīinary or memory string: OriginalFi lename vs Xenos64.ex e Static PE information: Resource n ame: DRIVE R type: PE 32+ execut able (nati ve) x86-64, for MS W indows PE file contains executable resources (Code or Archives) Source: 0.2.Xenos6 4.exe.1400 00000.1.un pack, type : UNPACKED PEĬontains functionality to communicate with device drivers Matched rule: Detects Bl ackBone Dr iver injec tor Malicious sample detected (through community Yara rule)
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |